Strong passwords are typically an important part of computer system security. A password that is based on a natural language word or on a person's given name may be easy for an unauthorized user to guess and the unauthorized user may thereby gain access to confidential information protected by the password. One way to encourage users to generate strong passwords is to provide visual feedback representing the relative strength of a candidate password, such as a progress bar indicator that increases with password strength.
Some existing methods of password strength measurement analyze candidate passwords by searching through a dictionary of existing words to find matches. This approach has several drawbacks. If, for example, the dictionary is stored on a local device, such as a personal digital assistant or a cellular phone, and a search is performed thereon, the dictionary and search may be resource-intensive in terms of storage space, time, and computing power, and may consume a significant portion of the resources available on the local device. In addition, the results of the search are typically only as good as the searched dictionary, which may be incomplete or outdated. If, instead, the candidate password is generated locally but sent over a network to be evaluated remotely, the user must typically ensure that the network as well as the evaluation program itself may be trusted to keep the password secure.
Accordingly, improved systems and methods of password strength measurement are needed.